Note
This article was translated and refined with the assistance of generative AI, based on the original article in Japanese. All final content was reviewed and approved by the author.
A Computer Science Enthusiast Explores an Anti‑Resale System
This time, as someone pursuing computer science, I conducted a serious thought experiment on how an anti‑resale system could work.
Note
This article is purely a thought experiment by the author. Please be cautious about the accuracy and reliability of the information.
A Computer Science Enthusiast Talks About Relativity
Physical laws can be expressed using tensor equations.
Tensor equations inherently capture the essence of relativity.
The term relativity theory just sounds cool, doesn’t it?
Of course, relativity itself isn’t required here. What I want to explore is how to express an anti‑resale mechanism in a mathematical, formula‑like way.
A Computer Science Enthusiast Talks About Anti‑Resale
Anti‑resale means tracking people.
Tracking items only catches the buyer, not the reseller.
Because the item always ends up with the final buyer.
A signature for anti‑resale must have a conserved quantity.
A signature with a conserved quantity can fundamentally track people.
The first note above sets the premise for treating the system mathematically: the focus is on tracking people, not items. Punishing the buyer instead of the reseller isn’t very meaningful.
The second note is more mathematical. “Conserved quantity” is a term you may know from physics—like conservation of mass or energy. In mathematics, the closest concept would be equivalence classes.
For this article, I’ll stick with the more familiar term conserved quantity.
What Is a Signature?
Here, a “signature” means a method that guarantees a string is authentic.
message_{sample} = \text{"pro_001 Prod"}
pubkey_{sample} = f\left( message , prikey \right)
\{ True, False \} \ni g\left( message, pubkey \right)
Suppose someone wants to guarantee the authenticity of the string "pro_001 Prod".
They generate a public key pubkey using their private key prikey, as shown in the second equation. Only someone who knows the private key can compute this pubkey.
Then they publish both pubkey and the verification function g.
When g(message, pubkey) is evaluated with message = "pro_001 Prod", it returns True only for the correct pubkey.
Thus, a third party can confirm:
“Since the published pubkey validates the message ‘pro_001 Prod’, this message must have been issued by the person who wants to prevent resale.”
Famous examples include RSA signatures (based on prime factorization) and ECDSA (based on elliptic curves).
When There Is No Conserved Quantity
Imagine a sequence of signatures like the diagram above.
Each string—such as “pro_001 Prod”—has a public key available for verification.
Over time, the signature evolves:
- First:
pro_001 Prod - Then:
pro_001 Prod RetA - Finally:
pro_001 Prod RetA ConC
At the final stage, the item pro_001 is owned by Consumer C.
If Consumer E ends up possessing it, resale is detected.
Who resold it?
Naively, Consumer C.
But resellers know this, so they may:
- Avoid signing with their own name
- Collude with retailers to avoid leaving a trace
This is exactly the situation described earlier:
the system tracks items, not people.
When There Is a Conserved Quantity
With an owner‑count‑conserving signature, only the current owner appears in later signatures.
But this is not the essential part.
The essential behavior of the system is:
- The administrator (producer) knows all signature methods
- Each retailer can sign only using their assigned signature app
- Each retailer’s signature method is unique and unknown to others
Now suppose Consumer E owns pro_001. Resale is detected as before.
But this time, the reseller must be Consumer C (or someone acting through C).
Why?
Because if a retailer fails to use the official owner‑change app, they themselves become the prime suspect.
Retailers can only use their assigned signature type.
So if resale is detected, the producer can say:
“This signature matches the app I gave you. That means you are responsible, right?”
Thus, retailers are strongly incentivized to use the owner‑change app properly.
This makes the producer’s response simple:
Disable the offending signature app and cut ties with that retailer.
If pro_001 is a game console, the producer can identify the serial number from the signature and block its internet access.
Blocking a console’s internet access is already possible today, but the key difference is that the retailer’s responsibility becomes explicit.
As a side note, “owner‑count conservation” reflects the difference in authority:
- Producers can ignore conservation and assign owners to new items (i.e., create signatures with no previous owner)
- Retailers can only change ownership of items they already possess (i.e., signatures with a previous owner)
This constraint is what makes “conserved quantity” the cleanest mathematical expression.
What Is Cryptographic Cash?
Earlier, I mentioned that if pro_001 were a game console, the producer could identify it from the signature.
This means that any ID‑like string is enough—it doesn’t have to be a product.
So let’s imagine pro_001 is cash.
I call this concept cryptographic cash.
Imagine a convenience‑store robbery.
The cash in the register is tagged with the retailer’s ownership.
If the robber tries to spend it, the system detects:
“Why is a normal customer using money owned by Retailer E?”
Similarly, consider pickpocketing.
The stolen cash still shows the original owner.
If the register displays characteristics of the expected owner (gender, age, height, etc.), the mismatch can probabilistically reveal the theft.
The system is still imperfect—giving your child pocket money might trigger “Is this theft!?”—so fine‑tuning is needed.
This concept could be particularly relevant in Japan, where cash is still used extensively in daily life.
Conclusion
The concept of cryptographic cash introduced here is:
A technology that behaves like traditional cash while retaining the traceability of crypto assets.
Applied to products, it enables high‑quality detection of resellers.
Personally, I feel that the rise of cryptocurrencies has given cryptography an undeserved shady reputation.
I wanted to show that cryptographic techniques are genuinely useful, so I tackled this seriously—and I think the result turned out quite well.